We manage more than a quarter billion dollars of premiums for a diverse range of clients around the globe.
Risks pose threats to a broad range of your organization’s resources, such as assets, company reputation or time. These resources are spread throughout a variety of potential risk owners. In turn, each risk owner may have access to only certain capabilities for addressing risk. For example:
An Enterprise Risk Management (ERM) process can yield a valuable communication for your organization: the Risk Appetite Statement. This statement serves an important assurance role for stakeholders in your company, and is an indicator of critical, board or executive-level oversight of risk management. It serves as a tangible product of an effective effort to assess and control risk across the enterprise. It can be referenced as the basis for any communication or disclosure your company may need to make about its risk management policy and efforts.
Do you save-up your frequent-flier miles in anticipation of your next business trip, family vacation, or points’ spending spree? What if the next time you logged into your account, you found the points balance displaying a big, round zero?
As Cyber Risk continues to evolve, it is becoming very evident that while it is spread over a variety of industries, the types of Cyber Risks are specific to each industry and play a major role in their level of exposure. The healthcare sector in particular, is targeted most heavily by hackers and malicious campaigns due to the private nature and black market value of the data. Personally Identifiable Information (PII) and Personal Health Information (PHI) contain data in which a bad actor can easily steal someone’s identity, open false accounts, perform fraudulent transactions, or hack/gain access to bank and other types of private accounts.
Fake bank accounts, food-borne illnesses, smartphones catching fire, cyber breaches. These are just a handful of recent events that have played out in the news and flooded social media, exponentially effecting conversations, comments and opinions, and most importantly, reputation and revenue. One thing that all of these seemingly different events have in common is that each one can be classified as a crisis, and require a thoughtful and carefully orchestrated response.
The Personally Identifiable Information (“PII”) of approximately 10,000 past and present employees of Seagate Technology, a leading electronics and data storage solutions manufacturer, was handed over freely to cybercriminals. The information included W-2 forms, names of beneficiaries, social security numbers of employees and spouses, etc. Needless to say, the impacted people are not thrilled and have brought suit against Seagate for malpractice and a lack of regard for employees affected by the negligent handling of data.
The U.S. Department of Justice stated that “More than 4,000 ransomware attacks have occurred daily since January 1, 2016. This is a 300 percent increase over the approximately 1,000 attacks per day seen in 2015.” Essentially, no particular user, company or business sector is safe. Although the Healthcare and Retail industries are targeted for their volume and value of data, home computers may also fall victim to ransomware.
I’ve headed off on vacation with my wife and kid in sunny Florida, but didn’t want to miss posting something useful for Cyber Tuesday. Having been preaching the “dos” and “don’ts” of data security for businesses, I had to make sure my own mobile devices were secured while on the move. My wife will probably disagree, but, in my opinion securing your data (both personal and professional) while on the go is just as, if not more important than making sure you packed your toothbrush and sunscreen.
Between company logins, online banking, personal email accounts, and various social media accounts the average user is required to come up with a lot of passwords. Unfortunately, many use the same password for all of their logins, simply for the sake of convenience. This poses a huge security risk, as once any one of those services is hacked and the user’s password becomes compromised, all of the other accounts are in jeopardy.
Cisco has released the 2016 Midyear Cybersecurity Report and their findings point to future, more sophisticated types of ransomware that will take full advantage of systems with less than satisfactory security measures, patching practices, and detection rates.
